Search Results
Now showing 1 - 3 of 3
- Efficient feature selection for intrusion detection systems with priority queue-based GRASP
  Publication. Quincozes, Vagner E.; Quincozes, Silvio E.; Albuquerque, Célio; Passos, Diego; Massé, Daniel
  The Greedy Randomized Adaptive Search Procedure for Feature Selection (GRASP-FS) is a recently-proposed metaheuristic that optimizes the feature selection process for Intrusion Detection Systems (IDS) by combining exploration and refinement techniques for more assertive intrusion detection. However, GRASP-FS may be time and resource-consuming for large datasets. In this work, we propose GRASPQ-FS, an extended version of GRASP-FS using Priority Queues to reduce resource consumption and processing time. As an additional contribution, we provide a comprehensive analysis of the most suitable parameters for our GRASPQ-FS. Our results reveal that GRASPQ-FS can speed up feature selection up to 90% over GRASP-FS, without compromising F1-Score. Also, we observed that a priority queue with 50 solutions saved 50% in execution time while increasing the F1-Score by 4.5%.
- Towards feature engineering for intrusion detection in IEC-61850 communication networks
  Publication. Quincozes, Vagner; Ereno Quincozes, Silvio; Passos, Diego; Albuquerque, Célio; Mosse, Daniel
  Digital electrical substations are fundamental in providing a reliable basis for smart grids. However, the deployment of the IEC-61850 standards for communication between intelligent electronic devices (IEDs) brings new security challenges. Intrusion detection systems (IDSs) play a vital role in ensuring the proper function of digital substations services. However, the current literature lacks efficient IDS solutions for certain classes of attacks, such as the masquerade attack. In this work, we propose the extraction and correlation of relevant multi-layer information through a feature engineering process to enable the deployment of machine learning-based IDSs in digital substations. Our results demonstrate that the proposed solution can detect attacks that are considered challenging in the literature, attaining an F1-score of up to 95.6% in the evaluated scenarios.
- Assessing machine learning techniques for intrusion detection in cyber-physical systems
  Publication. Santos, Vinicius F.; Albuquerque, Célio; Passos, Diego; Ereno Quincozes, Silvio; Mossé, Daniel
  Cyber-physical systems (CPS) are vital to key infrastructures such as Smart Grids and water treatment, and are increasingly vulnerable to a broad spectrum of evolving attacks. Whereas traditional security mechanisms, such as encryption and firewalls, are often inadequate for CPS architectures, the implementation of Intrusion Detection Systems (IDS) tailored for CPS has become an essential strategy for securing them. In this context, it is worth noting the difference between traditional offline Machine Learning (ML) techniques and understanding how they perform under different IDS applications. To answer these questions, this article presents a novel comparison of five offline and three online ML algorithms for intrusion detection using seven CPS-specific datasets, revealing that offline ML is superior when attack signatures are present without time constraints, while online techniques offer a quicker response to new attacks. The findings provide a pathway for enhancing CPS security through a balanced and effective combination of ML techniques.